The information is from the North American website “Insider”, which published about the data set discovered by security researcher Alon Gal on Saturday (3). Facebook says the information is from a 2019 leak.
In all, there are data from 553 million Facebook users from 106 countries. The countries with the most information in the database are: Egypt (44 million), USA (32 million), Colombia (17.9 million), Algeria (11.5 million), United Kingdom (11 million), Spain (10 million) and Brazil (8 million).
In all, 9 types of information are being made available in the forum:
- Facebook ID (code that identifies each person in the social network);
- Date of creation of the Facebook account;
- Relationship status;
- Phone number;
- Full name;
- Birth date;
- Bio information;
- E-mail addresses (in some cases).
The “Insider” managed to verify the veracity of part of the data, and they matched that of real profiles of the social network. However, doubts remain as to whether this information is recent or not.
The news agency “Reuters” points out that this information is probably old, as a result of a leak that was reported in January this year by the North American website “Motherboard”. The difference is that at that time access to information was charged. Now, according to a report by the “Insider”, everything is available for free.
In a statement sent to Tilt, Facebook reported that “these data are old and were reported in 2019, the result of a vulnerability that we found and corrected in August of that year”.
What’s wrong with having this data leaked?
Regardless of whether they are old or not, legitimate information about this leak can be used by cybercriminals to attempt to steal people’s social network accounts.
The “Insider”, for example, did a test with the feature of resetting the Facebook password. For that, it was enough to use one of the e-mails, notify that they had forgotten and the social network showed part of the person’s phone number – before resetting a password, the platform sends a verification code and indicates part of the registered number.
This information could also be used in social engineering scams – knowing your name and phone number, for example, a cybercriminal could try to obtain bank information from victims. Or simply use this data for marketing campaigns – victims could be filled with patience with unsolicited calls or messages.
If you want to have more information than what to do when you have leaked information, we have a guide that explains how to proceed.
Get the latest news delivered to your inbox
Follow us on social media networks